maven jsch maven-wagon-plugin

How to provide Host Key for Maven SSH usage in server.xml


In the Maven settings.xml, I want to define an SSH server and provide:

I do not want:

As such, existing answers on StackExchange do not help me, which include:

This is an example of how I envisioned it could be set up in the maven setup.xml:

<servers>
  <server>
    <id>gitcloud.myserver.net:8001</id>
    <username>git</username>
    <privateKey>C:/data/home/.ssh/id_rsa</privateKey>
    <configuration>
      <knownHostsProvider implementation="org.apache.maven.wagon.providers.ssh.knownhost.SingleKnownHostProvider">
        <hostKeyChecking>yes</hostKeyChecking>
        <contents>codecloud.web.att.com ssh-rsa XXXXA3NvvFakeSSHKEYsdfADA...doLQ==</contents>
      </knownHostsProvider>
    </configuration>
  </server>
</servers>

Solution

  • This is a common problem: you can find many people on the Internet looking for a correct solution, trying to override the knownHostsProvider implementation with an instance of SingleKnownHostProvider, as you explained in your example.

    First, here is why it's not so easy to do that:

    When the repository URL starts with scp:, Plexus, the component manager used by Maven, looks for a component with role org.apache.maven.wagon.Wagon and hint scp, and finds the only one that meets these needs in the current Wagon implementation (up to 3.0.1 at least), that is of class org.apache.maven.wagon.providers.ssh.jsch.ScpWagon. This class extends the class AbstractJschWagon in the same package, and this latter class statically defines a file role-hint to select a KnownHostsProvider instance.

    Therefore, this file role-hint makes Plexus use the class FileKnownHostsProvider to instantiate a KnownHostsProvider object that is given to the ScpWagon instance. This is because the class FileKnownHostsProvider is defined the following way at the beginning of its source file:

    public class FileKnownHostsProvider
    [...]
    * @plexus.component role="org.apache.maven.wagon.providers.ssh.knownhost.KnownHostsProvider"
    *    role-hint="file"
    

    On the contrary, the class SingleKnownHostProvider is not defined with role-hint file but with role-hint single:

    public class SingleKnownHostProvider
    [...]
    * @plexus.component role="org.apache.maven.wagon.providers.ssh.knownhost.KnownHostsProvider"
    *    role-hint="single"
    

    So, the binding to this unwanted (in your situation) FileKnownHostsProvider is statically defined in the AbstractJschWagon source file. This is the whole difficulty.

    Now, here is how to solve the problem:

    Use this patched Maven Wagon implementation, available here on GitHub, by following these steps:

    1- in your pom.xml, you may have a Maven extension defined this way:

    <build>
      <extensions>
        <extension>
          <groupId>org.apache.maven.wagon</groupId>
          <artifactId>wagon-ssh</artifactId>
          <version>3.0.1</version>
        </extension>
      </extensions>
    </build>
    

    Note that you may use a version other than 3.0.1.

    Anyway, change this definition to use the specific version 3.0.1-SINGLE:

    <build>
      <extensions>
        <extension>
          <groupId>org.apache.maven.wagon</groupId>
          <artifactId>wagon-ssh</artifactId>
          <version>3.0.1-SINGLE</version>
        </extension>
      </extensions>
    </build>
    

    2- This specific version 3.0.1-SINGLE is a Wagon version I've patched to solve this very common problem, which I've also encountered. It is not available on Maven Central, but on GitHub.

    So, you must install it yourself, the following way for instance:

    % git clone https://github.com/AlexandreFenyo/maven-wagon.git
    % cd maven-wagon
    % mvn install
    

    3- Now, configure your setup.xml this way:

    <servers>
      <server>
        <id>gitcloud.myserver.net:8001</id>
        <username>git</username>
        <privateKey>C:/data/home/.ssh/id_rsa</privateKey>
        <configuration>
          <hostKey>codecloud.web.att.com ssh-rsa XXXXA3NvvFakeSSHKEYsdfADA...doLQ==</hostKey>
        </configuration>
      </server>
    </servers>
    

    Everything should now work like you want: if the host key defined in the setup.xml file is correct, Maven will not display the key fingerprint, nor ask you to validate this host key.

    Hope that helps.
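
A check worth running before pinning a `<hostKey>` value, as an added example (not part of the original answer or of the patched Wagon project): it computes the OpenSSH-style SHA256 fingerprint of each pinned entry so it can be compared with the fingerprint published by the server's administrator. It assumes the entry uses the `host key-type base64-key` layout shown above; the sample settings, host name and key are constructed.

```python
import base64
import hashlib
import struct
import xml.etree.ElementTree as ET


def _ssh_string(data):
    """Encode bytes as an SSH wire-format string (uint32 length + data)."""
    return struct.pack(">I", len(data)) + data


# Constructed sample (not a real host key): key type name + 32 dummy bytes.
SAMPLE_BLOB = _ssh_string(b"ssh-ed25519") + _ssh_string(bytes(range(32)))
SAMPLE_SETTINGS = f"""<settings><servers><server>
  <id>example-host:8001</id>
  <configuration>
    <hostKey>example-host ssh-ed25519 {base64.b64encode(SAMPLE_BLOB).decode()}</hostKey>
  </configuration>
</server></servers></settings>"""


def fingerprint(host_key_entry):
    """Return (host, key_type, SHA256 fingerprint) for a 'host type base64' entry."""
    fields = host_key_entry.split()
    if len(fields) != 3:
        raise ValueError("expected 'host key-type base64-key'")
    host, key_type, b64 = fields
    # validate=True rejects truncated or elided keys instead of silently skipping bytes.
    blob = base64.b64decode(b64, validate=True)
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (name_len,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + name_len] != key_type.encode():
        raise ValueError("declared key type does not match the type inside the key blob")
    digest = hashlib.sha256(blob).digest()
    # OpenSSH prints the digest base64-encoded without '=' padding.
    return host, key_type, "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def pinned_fingerprints(settings_xml):
    """Map each server id to the fingerprint of its <hostKey> entry."""
    result = {}
    for server in ET.fromstring(settings_xml).iter("server"):
        entry = server.findtext("configuration/hostKey")
        if entry:
            result[server.findtext("id")] = fingerprint(entry.strip())[2]
    return result


if __name__ == "__main__":
    print(pinned_fingerprints(SAMPLE_SETTINGS))
```

A pasted key that was truncated or carries the wrong type label fails here with a `ValueError` rather than at deploy time.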